I was talking [virtually] with Pat over the weekend and she shared this blog post…_____________Interesting article from the New York Times online – Technology section (you may have to register free in order to read it):
"Hey Neighbor, Stop Piggybacking on My Wireless" By Michel Marriott -- Published: March 5, 2006
The article talks about the proliferation of home wireless networks, the common practice of "piggybacking" and the lack of security being applied to those home networks.
I'm not a techie and I don't know enough technical details about wireless to try it or to set up a secure wireless network that I feel I can trust. Similarly, I am wary of using wireless in public places like airports and in fact have not activated the wireless facility on my laptop.
Some of my friendly security experts say "no problem if you do it right" and others say "no way, I'm not using myself’.
There are some good recommendations in the article, but I would like to hear from you:-What are your experiences and recommendations? -Can anyone convince me to go ahead and use wireless, especially in my own home?-If so, what is "doing it right"? -How can you confirm that your wireless setup is in fact secure, your firewall is working, and is continuing to protect you?
Pat GaudetDirector, CIPS TorontoDirector, CIPS National_______________
Pat, it's an interesting article and those are good questions to our audience...
Thank you,Stephen Ibaraki
wireless networking at home in australia; I love it and cannot imagine life without it, I can walk around the house with a notebook pc and can access the net anywhere in the house, you can share files and folders between computers even programs. All it takes is a little studying up on the wireless router manual, a good strong encryption it comes easy after a while! I recommend it, it saves cost on wires and wiring and is so good. Cheers Jeffrey ( australia)
At the outset I should state that I am writing this as a "knowledgeable" user and certainly not any kind of wireless network expert. In fact some might even say that I don't even know enough to be dangerous :).
With the proliferation of wireless networks for the home and the difficulties faced by the average person in securing the network (I get asked about this all of the time by my friends and neighbours), I think that it is about time that the manufacturers and retailers took more responsibility.
Even if the manufacturers put all of the necessary information in the manual (they don't always), that simply isn't enough. The average home user has neither the inclination to learn nor the faintest idea about the terminilogy or the process of securing their network, and why should they?
Understandibly, many home users will go to the big box stores, who advertize wireless network products heavily, and put faith in the retail clerk. Where else are they going to go? Not everybody is internet savvy or has a "friend" who knows (I was out just last evening helping a friend with this very problem). In my experience the average retail clerk in these stores can be more dangerous than knowledgeable. It's getting better but still has a long way to go!
The manufacturers still appear to be geared to the "knowledgeable" user. Even now far too many small businesses lack the basic know how to protect themselves or even realize that it is necessary.
What prevents the manufacturers from automating the basics of security for the avarage person/small business via a wizard or some sort of easily used software with an explanation of each step and why it is necessary? Joe Public wants, no must have, and should have, "secure plug and go" with absolutely minimum hassle.
If people's security fears are holding them back from wireless purchase (I know several who are) then the manufacturers are only hurting themselves by not alleviating those fears. Perhaps they figure that they are selling lots of product anyway and the "fine print" absolves them from any possible liability due to data loss or identity theft. I certainly hope that they are not taking such a short sighted view!
At the bare minimum they can try and get some form of encryption in place, such as WPA. Additional measures such as disabling SSID broadcast and MAC filtering might be a little trickier, but who knows. The manufacturers certainly know far more about wireless technology, and the inner workings of routers and network adapters than I do, or ever will!
I have had a wireless network at home for about 2.5 years now and have upgraded the speed and security as the technology has changed. Maybe I have just been lucky, or maybe I am fortunate to have enough knowledge to take the right basic precautions, but so far I don't believe that I have been compromised. However, that does raise the obvious question of "how do you know for sure?". Well, truthfully, I don't other than my bank account is still in tact, my visa bill has no mysterious entries and nobody appears to be going around impersonating me (as if they could :))!
Again, this may be back in the hands of the manufacturers to find a way to give that surety if they want to go on selling more product; there are many more "uneducated" potential home users than business users.
Wireless network technology is going through the classical growing pains of "speciality" to "commodity", which it will no doubt eventually become! Let's hope that the ease of use of the consumer product catches up with sales growth soon.
Not just wireless at home... I read the blog post and decided to check on what's up at my office. Somewhat worrying result of my "inquiry" is that two businesses around here could have me piggybacking off them this very instant.
It's quite frightful.
This is a great discussion on wireless...
For businesses and IT Managers, this week's March 10th interview with Laura Chappell provides some best practices worth considering for wireless. Click on the link above.
Thank you all for your insightful comments.
Many thanks to all of you for responding; it's nice to know I'm not alone in my concerns. I especially appreciate your detailed response, Graham, and Stephen's reference to the interview with Laura Chappell.
It would be great if we could get the message out to the manufacturers about home users and the need for home users to be able to plug and play wirelessly, in confidence, and to be able to verify that it's working as it should.
Any suggestions as to how to communicate that message?
Regards -- Pat